FBI paid professional hackers to help unlock San Bernardino terrorist’s iPhone

The device belonged to Syed Farook, who, with his wife, shot dead 14 people in an attack on an office Christmas gathering in California last year

Tim Walker
US Correspondent
Wednesday 13 April 2016 22:21 BST
Comments
The FBI successfully managed to access a locked iPhone device last month
The FBI successfully managed to access a locked iPhone device last month (Getty)

The FBI paid professional hackers to help the agency unlock an iPhone owned by one of the San Bernardino terrorists, it has emerged. The hackers found a security flaw in the device, which they shared with the FBI in return for a “one-time flat fee”, the Washington Post reported.

That information was used to develop hardware with which the FBI could crack the phone’s four-digit passcode without triggering a security feature that would have wiped its data.

The iPhone 5c belonged to Syed Farook, who, with his wife, Tashfeen Malik, shot dead 14 people in an attack on an office Christmas gathering in San Bernardino, California in December last year. They were later killed in a shootout with police.

Apple resisted a February court order compelling the company to write new software to unlock the device. But the FBI abandoned the case last month, saying it had “successfully accessed the data” stored on the phone with the assistance of a third party.

At the time it was reported that the third party in question may have been the Israeli cybersecurity firm Cellebrite, but sources told the Post that was not the case.

At least one of the people who brought the security flaw to the FBI was a “grey hat” hacker, the newspaper reported, meaning people who search for software vulnerabilities and sell the information to government agencies to use, for example in surveillance.


Syed Farook and his wife Tashfeen Malik. The couple killed 14 people in San Bernardino last December 

 Syed Farook and his wife Tashfeen Malik. The couple killed 14 people in San Bernardino last December 
 (Reuters)

So-called “white hat” hackers report such flaws to firms like Apple so that they can be fixed, while “black hat” hackers exploit such flaws for their own use. “Grey hat” hackers are seen as occupying an ethical grey area between the two.

The US government has yet to decide whether it will share the de

vice’s vulnerability with Apple, which has said it will not sue to learn it. FBI director James Comey has said that the solution used to unlock Farook’s phone would only work on iPhone 5cs running on iOS 9, meaning it would be ineffective for cracking more recent models or operating systems.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in